his is part three of a three part article on the emergence of cyberattacks and ransomware as a service industry. Part one can be found here, and part two can be found here.
Over the last decade many industry verticals, especially those related to critical infrastructure, have had to face the game-changing fact that cybersecurity must now be a foundational part of each enterprise’s overhead. The medical industry, for example, has been forced to fend off waves of targeted cyber attacks over the last few years. Every operational environment can expect to come under a similar steady escalation in cyber risk.
One way that operational environments fend off such attacks is industry-specific regulations. While these regulations raise the bar on defensive standards for those networks and assets, what our researchers discovered is that they also create similarities that hackers can predict and exploit. What we’ve found is that these regulations are great at preventing lower-effort attacks such as those based on ‘spray-and-pray’ tactics. However, preventing targeted cyber attacks, which are meticulously developed to cause as much havoc as possible to specific industry verticals, can only reliably be prevented by protections that are adapted to industry-specific concerns and backed up with the consistent efforts of security intelligence researchers.
Malicious actors have already been hitting manufacturing with cyber attacks designed to extort as much money as possible for years, thinking that this industry is most likely to produce large and fast payouts in exchange for the return of their assets or data. According to Trend Micro’s March 2021 report ‘The State of Industrial Cybersecurity’, 61% of factories had experienced an incident, with 75% of these incidents resulting in stopped production. 43% of cases where production was stopped lasted over 4 days. The crucial takeaway here is that if you have a profitable business you will be targeted. Secure those assets.
To learn more about how to create a cybersecurity baseline that protects operations from disruption by cyber attack, check out our white paper ‘Optimizing Network and Endpoint Resilience: Manufacturer Cybersecurity in the Era of Digital Transformation’.
